Configure Comply for a custom NGINX ingress (offline environment)
Configure Puppet Comply in an air-gapped or offline environment where the Comply host server does not have direct access to the internet.
In Puppet Application Manager, upload your Comply licence and follow the prompts.
You’ll be guided through the process of setting up SSL certificates, uploading a license, and checking to make sure your infrastructure meets Comply system requirements.Note: The license file is issued by Puppet. If you do not have a license file, contact your Puppet representative. You must also agree to our license agreement. If your licence terms update, for example the expiry date or number of licensed nodes, upload your updated license file to Puppet Application Manager.
When prompted, upload the
.airgapbundle for the most recent version of Comply.Note: Puppet provides you with a custom URL from which to download the Comply
.airgapfile. Please open a ticket with Puppet Support to receive your custom download URL.
To configure your installation, click Config.
In the Hostname field, enter the fully qualified
domain name (FQDN) that you want to use to access Comply.
For example, this could be the name of the node you have installed Comply on. If you choose to use an FQDN that is different from the name of this node, you must configure your domain name system (DNS) to resolve the FQDN to the IP address of the Comply node.
In the Configure access section, add the
following annotations to configure the Ingress if you use
kubernetes.io/ingress.class: nginx cert-manager.io/cluster-issuer: letsencrypt-prod
- Configure any other settings on the page relevant to your installation.
- When you have finished making any necessary changes to the configuration, click Continue.
- In the Hostname field, enter the fully qualified domain name (FQDN) that you want to use to access Comply.
Monitor the new version's preflight checks. The Running
Checks indicator is shown on the screen while Comply checks your system to make sure your
cluster meets minimum system requirements. When the preflight check is
- If the status is Checks Failed, click
View preflights. Correct the issues and click
Re-run. Repeat this step as needed.Important: Do not move on until all preflight checks pass.
- If the status is Ready to Deploy, move on to the next step.
- If the status is Checks Failed, click View preflights. Correct the issues and click Re-run. Repeat this step as needed.